About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
nicowow
's Blog
Created: Thursday, August 30 2007 16:09.20 CDT
Modified: Thursday, August 30 2007 17:38.16 CDT
Printer Friendly ...
Immunity Debugger v1.1 Release
Author:
nicowow
# Views:
9014
The number one request this month was "Please implement a Python shell so I can write scripts and play with immlib features on the fly!". This is now done. Enjoy! Next to that we continued our efforts to improve the overall debugging experience with two new libraries, libstackanalyze and Ero's Carrera pefile and two new scripts: searchcrypt and stackvar. The Immunity Debugger engine has also undergone changes to improve reliability issues, fix reported memleaks and remove some well-know bugs used for packers such as the printfloat format error (a.k.a the FLD bug). Keep in mind we still have a contest going for the best Immunity Debugger script. The winner gets a free SILICA! Get more details from
http://forum.immunityinc.com/index.php?topic=12.0
.
We hope you enjoy this month's release. You can upgrade your current Immunity Debugger by going to Help/Update or directly downloading from
http://debugger.immunityinc.com/register.html
Feedback, Requests, and Cool Screenshots are always welcomed at
http://forum.immunityinc.com
Sincerely,
Team Immunity
http://www.immunityinc.com
PS: If you are a company, and you are looking for a person
with the right skills, try our ID Job Advertisement program:
http://www.immunityinc.com/products-idadvertising.shtml
-------------------------------
1.1 Build 0
August 30, 2007
New Features:
o Interactive Python Shell added
o Lookaside enhanced output + Discovery option
o libdatatype "Get" Function
o Get OS information methods
o Ero Carrera's pefile.py (http://code.google.com/p/pefile/)
o Python engine rewritten to properly use thread locking/unlocking
o Added ignoreSingleStep method for immlib (TRANSPARENT + CONVENTIONAL)
o Attach process window is now dynamically searchable
o Added clean ID memory methods inside immlib
o Added Stack analyzation library (libstackanalyze)
o Fixed some memleak on Disasm
o Fixed wrong arguments on Disasm operand
o Improved Patch command
o Safeseh moved into a PyCommand
New Scripts:
o searchcrypt PyCommand
o stackvars PyCommand
Bug Fixes:
o Solved 'ij' issue inside attach window
o Fixed VCG parser (Blocks display complete address now)
o Fixed traceback error when trying to graph and not attached
o Fixed printfloat() format error
o Fixed ret value of Getaddrfromexp in case of non-existing expression
Blog Comments
simpleuser
Posted: Friday, August 31 2007 02:46.39 CDT
Hey, I thought we could have a free dinner with Kostya instead :D
n00b
Posted: Friday, August 31 2007 06:18.14 CDT
Wow man nice work i have one question how does the stackvars command work.I tried it and couldn't get it to work i execute the Command !stackvars and it asks for an argument. ??? is this an address i have to put in i just want it to scan every thing.
thanks nicowow
nicowow
Posted: Friday, August 31 2007 08:53.41 CDT
simpleuser: The kostya dinner is still an option for the prize (It would be mine, but im not allowed to play)
noob: You can get the usage information from a script by doing : !usage stackvars
The way to run stackvar is simple:
!stackvars function_address
There is no option to do it on every function, but I will ask the guys for it. You can also import it from your script (libstackanalize) and use it (And so, check every function you want), check PyCommands/stackanalize.py to see how to do it.
n00b
Posted: Friday, August 31 2007 09:34.24 CDT
Yeh i found that out lol after a little playing about nice addition thank's.
Add New Comment
Comment:
There are
31,320
total registered users.
Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
hi!
Jul/01
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...
Recent Blog Comments
nieo
on:
Mar/22
IAT Patcher - new tool for ...
djnemo
on:
Nov/17
Kernel debugger vs user mod...
acel
on:
Nov/14
Kernel debugger vs user mod...
pedram
on:
Dec/21
frida.github.io: scriptable...
capadleman
on:
Jun/19
Using NtCreateThreadEx for ...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit